Skip to content

GitLab

Switch branch/tag
History Find file
Clone
CRED: Fix get_task_cred() and task_state() to not resurrect dead credentials
David Howells authored 
It's possible for get_task_cred() as it currently stands to 'corrupt' a set of
credentials by incrementing their usage count after their replacement by the
task being accessed.

What happens is that get_task_cred() can race with commit_creds():

	TASK_1			TASK_2			RCU_CLEANER
	-->get_task_cred(TASK_2)
	rcu_read_lock()
	__cred = __task_cred(TASK_2)
				-->commit_creds()
				old_cred = TASK_2->real_cred
				TASK_2->real_cred = ...
				put_cred(old_cred)
				  call_rcu(old_cred)
		[__cred->usage == 0]
	get_cred(__cred)
		[__cred->usage == 1]
	rcu_read_unlock()
							-->put_cred_rcu()
							[__cred->usage == 1]
							panic()

However, since a tasks credentials are generally not changed very often, we can
reasonably make use of a loop involving reading the creds pointer and using
atomic_inc_not_zero() to attempt to increment it if it hasn't already hit zero.

If successful, we can safely return the credentials in the knowledge that...
de09a977
Name Last commit Last update
debug sysrq,kdb: Use __handle_sysrq() for kdb's sysrq function
gcov microblaze: Enable GCOV_PROFILE_ALL
irq genirq: Deal with desc->set_type() changing desc->chip
power suspend: Move NVS save/restore code to generic suspend functionality
time Merge branch 'sched-fixes-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip
trace perf/tracing: Fix regression of perf losing kprobe events
.gitignore Update kernel/.gitignore with new auto-generated files
Kconfig.freezer container freezer: implement freezer cgroup subsystem
Kconfig.hz sched: fix SCHED_HRTICK dependency
Kconfig.locks mutex: Better control mutex adaptive spinning config
Kconfig.preempt rcu: provide RCU options on non-preempt architectures too
Makefile Move kernel/kgdb.c to kernel/debug/debug_core.c
acct.c Merge branch 'next' into for-linus
async.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
audit.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
audit.h Fix rule eviction order for AUDIT_DIR
audit_tree.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
audit_watch.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
auditfilter.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
auditsc.c audit: preface audit printk with audit
backtracetest.c backtrace: replace timer with tasklet + completions
bounds.c kbuild: move bounds.h to include/generated
capability.c sched: Remove remaining USER_SCHED code
cgroup.c cgroups: alloc_css_id() increments hierarchy depth
cgroup_freezer.c Freezer / cgroup freezer: Update stale locking comments
compat.c
configs.c
cpu.c
cpuset.c
cred.c
delayacct.c
dma.c
early_res.c
elfcore.c
exec_domain.c
exit.c
extable.c
fork.c
freezer.c
futex.c
futex_compat.c
groups.c
hrtimer.c
hung_task.c
hw_breakpoint.c
itimer.c
kallsyms.c
kexec.c
kfifo.c
kmod.c
kprobes.c
ksysfs.c
kthread.c
latencytop.c
lockdep.c
lockdep_internals.h
lockdep_proc.c
lockdep_states.h
module.c
mutex-debug.c
mutex-debug.h
mutex.c
mutex.h
notifier.c
ns_cgroup.c
nsproxy.c
padata.c
panic.c
params.c
perf_event.c
pid.c
pid_namespace.c
pm_qos_params.c
posix-cpu-timers.c
posix-timers.c
printk.c
profile.c
ptrace.c
range.c
rcupdate.c
rcutiny.c
rcutiny_plugin.h
rcutorture.c
rcutree.c
rcutree.h
rcutree_plugin.h
rcutree_trace.c
relay.c
res_counter.c
resource.c
rtmutex-debug.c
rtmutex-debug.h
rtmutex-tester.c
rtmutex.c
rtmutex.h
rtmutex_common.h
rwsem.c
sched.c
sched_clock.c
sched_cpupri.c
sched_cpupri.h
sched_debug.c
sched_fair.c
sched_features.h
sched_idletask.c
sched_rt.c